Shetef Solutions & Consulting (1998) Ltd.

Publisher Information

Shetef Solutions & Consulting (1998) Ltd. is a software developer located in Rannana, N/a in Israel*. The company is a primary distributor of unwanted software. Shetef uses the Amonetize is a pay-per-insall monetization and distribution platform to distribute adware installers as well as other potentially unwanted software, mostly wrapping legitimate programs in adware bundles. Thre are 4 additional code signing certificates issued to this publisher.
Authority:
Thawte, Inc.

Valid from:
2/21/2012 7:00:00 PM

Valid to:
2/21/2013 6:59:59 PM

Subject:
CN=Shetef Solutions & Consulting (1998) Ltd., O=Shetef Solutions & Consulting (1998) Ltd., L=Rannana, S=N/A, C=IL

Issuer:
CN=Thawte Code Signing CA - G2, O="Thawte, Inc.", C=US

Serial number:
40812da0f7cb2ecd4955fd76e0a6c493

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.ShetefSolutionsConsulting1998.I, PUP.ShetefSolutionsConsulting1998.H, PUP.ShetefSolutionsConsulting1998.N, PUP.ShetefSolutionsConsulting1998.C, PUP.Installer.ShetefSolutionsConsulting1998, PUP.ShetefSolutionsConsulting1998.Installer (M), PUP.Amonetize.ShetefSolutionsConsulting1998.Bundler (M)
100.00%

ESET NOD32
Win32/Amonetize, Win32/Amonetize potentially unwanted
40.00%

Kingsoft AntiVirus
Win32.Troj.Generic.a.(kcloud)
30.00%

Dr.Web
Trojan.DownLoader6.57617, Adware.Bho.3839, Threat.Undefined, Adware.Toolbar.150, Adware.Plugin.8, Trojan.AVKill.21360, Trojan.AVKill.22863
20.00%

Sophos
Amonetize, PUA 'Amonetize'
12.00%

Trend Micro House Call
TROJ_PAM_0000040299.T3, TROJ_GEN.F47V0823, TROJ_GEN.F47V0724, TROJ_GEN.F47V0809, TROJ_GEN.F47V0808, TROJ_GEN.F47V0715
12.00%

G Data
Win32.Adware.Conduit, Win32.Adware.Crossrider, Application.Generic.614344
10.00%

avast!
NSIS:PUP-gen [PUP], Win32:Malware-gen, Win32:Dropper-gen [Drp]
8.00%

K7 Gateway Antivirus
Unwanted-Program , Adware
8.00%

K7 AntiVirus
Unwanted-Program , Adware
8.00%

1 / 68      (Adware)
am-in.exe (iNTERNET Turbo by Clasys)  (7f7143271dd24043435824fc9704c033)

1 / 68      (Adware)
internetturbocon.exe  (2d8e7c0d86d9b69f04d58369dc61958a)

1 / 68      (Adware)

1 / 68      (Adware)
setup_766.exe (iNTERNET Turbo by Clasys)  (cc4521a7af18bb34951eed3e30b15b6b)

1 / 68      (Adware)
internetturbosetup.exe (iNTERNET Turbo by Clasys)  (6c8ce3e3043ee9895bec7ac01e6e71d1)

1 / 68      (Adware)

1 / 68      (Adware)
setup_1029.exe (iNTERNET Turbo by Clasys)  (f981e01696b57e775ab856d91742c976)

1 / 68      (Adware)
setup_900.exe (iNTERNET Turbo by Clasys)  (f2ebcdfda904d0032f0968010a9f2190)

1 / 68      (Adware)
ws__116-v32_10.exe (iNTERNET Turbo by Clasys)  (382fbe34ba058cb14cbcadc8fb345e06)

1 / 68      (Adware)
im__60-v31_1.exe (iNTERNET Turbo by Clasys)  (bc0741119ce46658279c5dc5330e833d)

1 / 68      (Adware)
internetturbosetup__400.exe (iNTERNET Turbo by Clasys)  (0ffc1520d4385b9eff40b5fad2146115)

1 / 68      (Adware)
aol__115-v32_5.exe.exe (iNTERNET Turbo by Clasys)  (14515b544afce0fabdc9fd2e03ba2d21)

1 / 68      (Adware)
aol__115-v28_5.exe (iNTERNET Turbo by Clasys)  (63880551d8c4bbd28f2bed4e3416b799)

1 / 68      (Adware)
ws_c-116_v-23.exe (iNTERNET Turbo by Clasys)  (256a8e3054b04e1527be09c62942da04)

1 / 68      (Adware)
setup_803.exe (iNTERNET Turbo by Clasys)  (acb57606897e4ce65febd82726d7e715)

1 / 68      (Adware)
setup_802.exe (iNTERNET Turbo by Clasys)  (a09c0a6f93c6762b48c8d3015bd51642)

8 / 68      (Adware)
ws__116-v32_10.exe (iNTERNET Turbo by Clasys)  (8de88d499b7ebcddc814db3475741e33)

6 / 68      (Adware)
con__92-v28_1.exe (iNTERNET Turbo by Clasys)  (21a105e6e9f63224088c23ef7ba62130)

7 / 68      (Adware)
internetturbosetup.exe (iNTERNET Turbo by Clasys)  (6e7c472463bdade163c1a5ff1ddcd34c)

3 / 68      (Adware)
babylon.exe (iNTERNET Turbo by Clasys)  (a64eacc7ae08a8159eaa283e1b790998)

14 / 68    (Adware)
playbrite.exe (iNTERNET Turbo by Clasys)  (de278d06b4f96a187369ea95c2101623)

11 / 68    (Adware)
jollywallet.exe (iNTERNET Turbo by Clasys)  (e166d9f04be0a95d430e087846f69acc)

1 / 68      (Adware)
setup_1206.exe (iNTERNET Turbo by Clasys)  (a50b6fdcc90a6925ec2a4ebb27556fe0)

2 / 68      (Adware)
setup_1117.exe (iNTERNET Turbo by Clasys)  (1b784b4030bc04609ae0da35d520d25f)

1 / 68      (Adware)
avg__226-v28_5.exe (iNTERNET Turbo by Clasys)  (8fd4bb892fbed854d35c80738f4bdad1)

5 / 68      (Adware)
babset1769597.exe (iNTERNET Turbo by Clasys)  (37edee89ecbef3640d01f88e212149b1)

5 / 68      (Adware)
babset1755042.exe (iNTERNET Turbo by Clasys)  (b6b392d1d8ddc397a2b35e651a4357ab)

6 / 68      (Adware)
babset1650506.exe (iNTERNET Turbo by Clasys)  (6123ca86dce994a479c46d9f678e8bc9)

1 / 68      (Adware)
searchresults.exe (iNTERNET Turbo by Clasys)  (7fbfc6ad372b547c3009d98b4fbe7dc9)

1 / 68      (Adware)
setup_770.exe (iNTERNET Turbo by Clasys)  (23aa0893c7405fcf6f2cfde451b3047b)

 
Latest 30 of 90 files

Downloads URLs for files signed by Shetef Solutions & Consulting (1998) Ltd..

1 / 68      (Adware)

1 / 68      (Adware)

1 / 68      (Adware)

The following websites host and distribute files published by Shetef Solutions & Consulting (1998) Ltd..

The certificates below are also signed by Shetef Solutions & Consulting (1998) Ltd..

4B1B72BCEFC0E8  (Oct 13, 2014 to Oct 13, 2015)

009E472EA7B4ADB461EB35F9F783DA3438  (Sep 26, 2014 to Sep 27, 2015)

4F0762A0FB4E2EA75260E9E77B74473E  (Jul 19, 2014 to Aug 19, 2015)

7C23DBB97FAFBB9D28D413F836202024  (Jul 22, 2013 to Jul 23, 2014)

The following publishers (by Authenticode signature organization name) are related.

* Note, the details and description above are based on the code signing digital signature issued to Shetef Solutions & Consulting (1998) Ltd. by Thawte, Inc. on February 21, 2012 with the serial number '40812da0f7cb2ecd4955fd76e0a6c493'.